diff options
author | Anthony G. Basile <blueness@gentoo.org> | 2016-03-23 09:33:42 -0400 |
---|---|---|
committer | Anthony G. Basile <blueness@gentoo.org> | 2016-03-23 09:33:42 -0400 |
commit | d25ba7fcc3a74ea61aee8447d872e1595c267eaa (patch) | |
tree | ee875c476fca550a44b2d3a4e98e8da9f69b8f4c | |
parent | grsecurity-3.1-4.4.5-201603142220 (diff) | |
download | hardened-patchset-d25ba7fcc3a74ea61aee8447d872e1595c267eaa.tar.gz hardened-patchset-d25ba7fcc3a74ea61aee8447d872e1595c267eaa.tar.bz2 hardened-patchset-d25ba7fcc3a74ea61aee8447d872e1595c267eaa.zip |
grsecurity-3.1-4.4.6-20160322174820160322
-rw-r--r-- | 4.4.6/0000_README (renamed from 4.4.5/0000_README) | 2 | ||||
-rw-r--r-- | 4.4.6/4420_grsecurity-3.1-4.4.6-201603221748.patch (renamed from 4.4.5/4420_grsecurity-3.1-4.4.5-201603142220.patch) | 221 | ||||
-rw-r--r-- | 4.4.6/4425_grsec_remove_EI_PAX.patch (renamed from 4.4.5/4425_grsec_remove_EI_PAX.patch) | 0 | ||||
-rw-r--r-- | 4.4.6/4427_force_XATTR_PAX_tmpfs.patch (renamed from 4.4.5/4427_force_XATTR_PAX_tmpfs.patch) | 0 | ||||
-rw-r--r-- | 4.4.6/4430_grsec-remove-localversion-grsec.patch (renamed from 4.4.5/4430_grsec-remove-localversion-grsec.patch) | 0 | ||||
-rw-r--r-- | 4.4.6/4435_grsec-mute-warnings.patch (renamed from 4.4.5/4435_grsec-mute-warnings.patch) | 0 | ||||
-rw-r--r-- | 4.4.6/4440_grsec-remove-protected-paths.patch (renamed from 4.4.5/4440_grsec-remove-protected-paths.patch) | 0 | ||||
-rw-r--r-- | 4.4.6/4450_grsec-kconfig-default-gids.patch (renamed from 4.4.5/4450_grsec-kconfig-default-gids.patch) | 12 | ||||
-rw-r--r-- | 4.4.6/4465_selinux-avc_audit-log-curr_ip.patch (renamed from 4.4.5/4465_selinux-avc_audit-log-curr_ip.patch) | 2 | ||||
-rw-r--r-- | 4.4.6/4470_disable-compat_vdso.patch (renamed from 4.4.5/4470_disable-compat_vdso.patch) | 0 | ||||
-rw-r--r-- | 4.4.6/4475_emutramp_default_on.patch (renamed from 4.4.5/4475_emutramp_default_on.patch) | 0 |
11 files changed, 67 insertions, 170 deletions
diff --git a/4.4.5/0000_README b/4.4.6/0000_README index 6d51814..3c1a08c 100644 --- a/4.4.5/0000_README +++ b/4.4.6/0000_README @@ -2,7 +2,7 @@ README ----------------------------------------------------------------------------- Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-3.1-4.4.5-201603142220.patch +Patch: 4420_grsecurity-3.1-4.4.6-201603221748.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/4.4.5/4420_grsecurity-3.1-4.4.5-201603142220.patch b/4.4.6/4420_grsecurity-3.1-4.4.6-201603221748.patch index dac56bb..a0d7af9 100644 --- a/4.4.5/4420_grsecurity-3.1-4.4.5-201603142220.patch +++ b/4.4.6/4420_grsecurity-3.1-4.4.6-201603221748.patch @@ -448,22 +448,8 @@ index af70d15..ccd3786 100644 modules_disabled: A toggle value indicating if modules are allowed to be loaded -diff --git a/Documentation/virtual/kvm/mmu.txt b/Documentation/virtual/kvm/mmu.txt -index 3a4d681..b653641 100644 ---- a/Documentation/virtual/kvm/mmu.txt -+++ b/Documentation/virtual/kvm/mmu.txt -@@ -358,7 +358,8 @@ In the first case there are two additional complications: - - if CR4.SMEP is enabled: since we've turned the page into a kernel page, - the kernel may now execute it. We handle this by also setting spte.nx. - If we get a user fetch or read fault, we'll change spte.u=1 and -- spte.nx=gpte.nx back. -+ spte.nx=gpte.nx back. For this to work, KVM forces EFER.NX to 1 when -+ shadow paging is in use. - - if CR4.SMAP is disabled: since the page has been changed to a kernel - page, it can not be reused when CR4.SMAP is enabled. We set - CR4.SMAP && !CR0.WP into shadow page's role to avoid this case. Note, diff --git a/Makefile b/Makefile -index d13322a..6eaab55 100644 +index 87d12b4..b9e0477 100644 --- a/Makefile +++ b/Makefile @@ -298,7 +298,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ @@ -3514,7 +3500,7 @@ index 78c02b3..c94109a 100644 struct omap_device *omap_device_alloc(struct platform_device *pdev, struct omap_hwmod **ohs, int oh_cnt); diff --git a/arch/arm/mach-omap2/omap_hwmod.c b/arch/arm/mach-omap2/omap_hwmod.c -index 48495ad8..9502fdd 100644 +index 8e0bd59..1d0b85e 100644 --- a/arch/arm/mach-omap2/omap_hwmod.c +++ b/arch/arm/mach-omap2/omap_hwmod.c @@ -200,10 +200,10 @@ struct omap_hwmod_soc_ops { @@ -5594,10 +5580,10 @@ index 4efe96a..60e8699 100644 #define SMP_CACHE_BYTES L1_CACHE_BYTES diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig -index 71683a8..54062ef 100644 +index db45961..6932668 100644 --- a/arch/mips/Kconfig +++ b/arch/mips/Kconfig -@@ -2641,6 +2641,7 @@ source "kernel/Kconfig.preempt" +@@ -2642,6 +2642,7 @@ source "kernel/Kconfig.preempt" config KEXEC bool "Kexec system call" select KEXEC_CORE @@ -29629,27 +29615,6 @@ index 4d30b86..94115f0 100644 #define APIC_LVT_NUM 6 /* 14 is the version for Xeon and Pentium 8.4.8*/ -diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c -index e7c2c14..8eb8a93 100644 ---- a/arch/x86/kvm/mmu.c -+++ b/arch/x86/kvm/mmu.c -@@ -3754,13 +3754,15 @@ static void reset_rsvds_bits_mask_ept(struct kvm_vcpu *vcpu, - void - reset_shadow_zero_bits_mask(struct kvm_vcpu *vcpu, struct kvm_mmu *context) - { -+ bool uses_nx = context->nx || context->base_role.smep_andnot_wp; -+ - /* - * Passing "true" to the last argument is okay; it adds a check - * on bit 8 of the SPTEs which KVM doesn't use anyway. - */ - __reset_rsvds_bits_mask(vcpu, &context->shadow_zero_check, - boot_cpu_data.x86_phys_bits, -- context->shadow_root_level, context->nx, -+ context->shadow_root_level, uses_nx, - guest_cpuid_has_gbpages(vcpu), is_pse(vcpu), - true); - } diff --git a/arch/x86/kvm/paging_tmpl.h b/arch/x86/kvm/paging_tmpl.h index 7be8a25..7d71250 100644 --- a/arch/x86/kvm/paging_tmpl.h @@ -29700,7 +29665,7 @@ index 899c40f..a114588 100644 .disabled_by_bios = is_disabled, .hardware_setup = svm_hardware_setup, diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index 5fd846c..405597f 100644 +index 0958fa2..9fe3f1d 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -1514,12 +1514,12 @@ static void vmcs_write64(unsigned long field, u64 value) @@ -29718,7 +29683,7 @@ index 5fd846c..405597f 100644 { vmcs_writel(field, vmcs_readl(field) | mask); } -@@ -1779,32 +1779,41 @@ static void reload_tss(void) +@@ -1786,7 +1786,11 @@ static void reload_tss(void) struct desc_struct *descs; descs = (void *)gdt->address; @@ -29730,72 +29695,7 @@ index 5fd846c..405597f 100644 load_TR_desc(); } - static bool update_transition_efer(struct vcpu_vmx *vmx, int efer_offset) - { -- u64 guest_efer; -- u64 ignore_bits; -+ u64 guest_efer = vmx->vcpu.arch.efer; -+ u64 ignore_bits = 0; - -- guest_efer = vmx->vcpu.arch.efer; -+ if (!enable_ept) { -+ /* -+ * NX is needed to handle CR0.WP=1, CR4.SMEP=1. Testing -+ * host CPUID is more efficient than testing guest CPUID -+ * or CR4. Host SMEP is anyway a requirement for guest SMEP. -+ */ -+ if (boot_cpu_has(X86_FEATURE_SMEP)) -+ guest_efer |= EFER_NX; -+ else if (!(guest_efer & EFER_NX)) -+ ignore_bits |= EFER_NX; -+ } - - /* -- * NX is emulated; LMA and LME handled by hardware; SCE meaningless -- * outside long mode -+ * LMA and LME handled by hardware; SCE meaningless outside long mode. - */ -- ignore_bits = EFER_NX | EFER_SCE; -+ ignore_bits |= EFER_SCE; - #ifdef CONFIG_X86_64 - ignore_bits |= EFER_LMA | EFER_LME; - /* SCE is meaningful only in long mode on Intel */ - if (guest_efer & EFER_LMA) - ignore_bits &= ~(u64)EFER_SCE; - #endif -- guest_efer &= ~ignore_bits; -- guest_efer |= host_efer & ignore_bits; -- vmx->guest_msrs[efer_offset].data = guest_efer; -- vmx->guest_msrs[efer_offset].mask = ~ignore_bits; - - clear_atomic_switch_msr(vmx, MSR_EFER); - -@@ -1815,16 +1824,21 @@ static bool update_transition_efer(struct vcpu_vmx *vmx, int efer_offset) - */ - if (cpu_has_load_ia32_efer || - (enable_ept && ((vmx->vcpu.arch.efer ^ host_efer) & EFER_NX))) { -- guest_efer = vmx->vcpu.arch.efer; - if (!(guest_efer & EFER_LMA)) - guest_efer &= ~EFER_LME; - if (guest_efer != host_efer) - add_atomic_switch_msr(vmx, MSR_EFER, - guest_efer, host_efer); - return false; -+ } else { -+ guest_efer &= ~ignore_bits; -+ guest_efer |= host_efer & ignore_bits; -+ -+ vmx->guest_msrs[efer_offset].data = guest_efer; -+ vmx->guest_msrs[efer_offset].mask = ~ignore_bits; -+ -+ return true; - } -- -- return true; - } - - static unsigned long segment_base(u16 selector) -@@ -2061,6 +2075,10 @@ static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu) +@@ -2078,6 +2082,10 @@ static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu) vmcs_writel(HOST_TR_BASE, kvm_read_tr_base()); /* 22.2.4 */ vmcs_writel(HOST_GDTR_BASE, gdt->address); /* 22.2.4 */ @@ -29806,7 +29706,7 @@ index 5fd846c..405597f 100644 rdmsrl(MSR_IA32_SYSENTER_ESP, sysenter_esp); vmcs_writel(HOST_IA32_SYSENTER_ESP, sysenter_esp); /* 22.2.3 */ -@@ -2378,7 +2396,7 @@ static void setup_msrs(struct vcpu_vmx *vmx) +@@ -2395,7 +2403,7 @@ static void setup_msrs(struct vcpu_vmx *vmx) * guest_tsc = (host_tsc * tsc multiplier) >> 48 + tsc_offset * -- Intel TSC Scaling for Virtualization White Paper, sec 1.3 */ @@ -29815,7 +29715,7 @@ index 5fd846c..405597f 100644 { u64 host_tsc, tsc_offset; -@@ -4609,7 +4627,10 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) +@@ -4626,7 +4634,10 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) unsigned long cr4; vmcs_writel(HOST_CR0, read_cr0() & ~X86_CR0_TS); /* 22.2.3 */ @@ -29826,7 +29726,7 @@ index 5fd846c..405597f 100644 /* Save the most likely value for this task's CR4 in the VMCS. */ cr4 = cr4_read_shadow(); -@@ -4636,7 +4657,7 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) +@@ -4653,7 +4664,7 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) vmcs_writel(HOST_IDTR_BASE, dt.address); /* 22.2.4 */ vmx->host_idt_base = dt.address; @@ -29835,7 +29735,7 @@ index 5fd846c..405597f 100644 rdmsr(MSR_IA32_SYSENTER_CS, low32, high32); vmcs_write32(HOST_IA32_SYSENTER_CS, low32); -@@ -6186,11 +6207,17 @@ static __init int hardware_setup(void) +@@ -6203,11 +6214,17 @@ static __init int hardware_setup(void) * page upon invalidation. No need to do anything if not * using the APIC_ACCESS_ADDR VMCS field. */ @@ -29855,7 +29755,7 @@ index 5fd846c..405597f 100644 if (enable_ept && !cpu_has_vmx_ept_2m_page()) kvm_disable_largepages(); -@@ -6207,6 +6234,7 @@ static __init int hardware_setup(void) +@@ -6224,6 +6241,7 @@ static __init int hardware_setup(void) kvm_tsc_scaling_ratio_frac_bits = 48; } @@ -29863,7 +29763,7 @@ index 5fd846c..405597f 100644 if (enable_apicv) kvm_x86_ops->update_cr8_intercept = NULL; else { -@@ -6215,6 +6243,7 @@ static __init int hardware_setup(void) +@@ -6232,6 +6250,7 @@ static __init int hardware_setup(void) kvm_x86_ops->deliver_posted_interrupt = NULL; kvm_x86_ops->sync_pir_to_irr = vmx_sync_pir_to_irr_dummy; } @@ -29871,7 +29771,7 @@ index 5fd846c..405597f 100644 vmx_disable_intercept_for_msr(MSR_FS_BASE, false); vmx_disable_intercept_for_msr(MSR_GS_BASE, false); -@@ -6269,10 +6298,12 @@ static __init int hardware_setup(void) +@@ -6286,10 +6305,12 @@ static __init int hardware_setup(void) enable_pml = 0; if (!enable_pml) { @@ -29884,7 +29784,7 @@ index 5fd846c..405597f 100644 } kvm_set_posted_intr_wakeup_handler(wakeup_handler); -@@ -8584,6 +8615,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -8601,6 +8622,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) "jmp 2f \n\t" "1: " __ex(ASM_VMX_VMRESUME) "\n\t" "2: " @@ -29897,7 +29797,7 @@ index 5fd846c..405597f 100644 /* Save guest registers, load host registers, keep flags */ "mov %0, %c[wordsize](%%" _ASM_SP ") \n\t" "pop %0 \n\t" -@@ -8636,6 +8673,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -8653,6 +8680,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) #endif [cr2]"i"(offsetof(struct vcpu_vmx, vcpu.arch.cr2)), [wordsize]"i"(sizeof(ulong)) @@ -29909,7 +29809,7 @@ index 5fd846c..405597f 100644 : "cc", "memory" #ifdef CONFIG_X86_64 , "rax", "rbx", "rdi", "rsi" -@@ -8649,7 +8691,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -8666,7 +8698,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) if (debugctlmsr) update_debugctlmsr(debugctlmsr); @@ -29918,7 +29818,7 @@ index 5fd846c..405597f 100644 /* * The sysexit path does not restore ds/es, so we must set them to * a reasonable value ourselves. -@@ -8658,8 +8700,18 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -8675,8 +8707,18 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) * may be executed in interrupt context, which saves and restore segments * around it, nullifying its effect. */ @@ -29939,7 +29839,7 @@ index 5fd846c..405597f 100644 #endif vcpu->arch.regs_avail = ~((1 << VCPU_REGS_RIP) | (1 << VCPU_REGS_RSP) -@@ -10741,7 +10793,7 @@ out: +@@ -10758,7 +10800,7 @@ out: return ret; } @@ -34577,7 +34477,7 @@ index c3b3f65..5bfe5dc 100644 unsigned long uninitialized_var(pfn_align); int i, nid; diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c -index db20ee9..a2bb098 100644 +index b599a78..4ac899d 100644 --- a/arch/x86/mm/pageattr.c +++ b/arch/x86/mm/pageattr.c @@ -259,7 +259,7 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, @@ -34624,7 +34524,7 @@ index db20ee9..a2bb098 100644 prot = __pgprot(pgprot_val(prot) & ~pgprot_val(forbidden)); return prot; -@@ -445,23 +454,37 @@ EXPORT_SYMBOL_GPL(slow_virt_to_phys); +@@ -451,23 +460,37 @@ EXPORT_SYMBOL_GPL(slow_virt_to_phys); static void __set_pmd_pte(pte_t *kpte, unsigned long address, pte_t pte) { /* change init_mm */ @@ -34664,7 +34564,7 @@ index db20ee9..a2bb098 100644 } static int -@@ -698,6 +721,10 @@ __split_large_page(struct cpa_data *cpa, pte_t *kpte, unsigned long address, +@@ -704,6 +727,10 @@ __split_large_page(struct cpa_data *cpa, pte_t *kpte, unsigned long address, return 0; } @@ -34675,7 +34575,7 @@ index db20ee9..a2bb098 100644 static int split_large_page(struct cpa_data *cpa, pte_t *kpte, unsigned long address) { -@@ -1141,6 +1168,9 @@ static int __cpa_process_fault(struct cpa_data *cpa, unsigned long vaddr, +@@ -1147,6 +1174,9 @@ static int __cpa_process_fault(struct cpa_data *cpa, unsigned long vaddr, } } @@ -34685,7 +34585,7 @@ index db20ee9..a2bb098 100644 static int __change_page_attr(struct cpa_data *cpa, int primary) { unsigned long address; -@@ -1199,7 +1229,9 @@ repeat: +@@ -1205,7 +1235,9 @@ repeat: * Do we really change anything ? */ if (pte_val(old_pte) != pte_val(new_pte)) { @@ -44054,7 +43954,7 @@ index b928c17..e5d9400 100644 if (regcomp (&mask_rex, "(0x[0-9a-fA-F]*) *([_a-zA-Z0-9]*)", REG_EXTENDED)) { diff --git a/drivers/gpu/drm/radeon/radeon_device.c b/drivers/gpu/drm/radeon/radeon_device.c -index d690df5..4aaaead 100644 +index c566993..0bf8fae 100644 --- a/drivers/gpu/drm/radeon/radeon_device.c +++ b/drivers/gpu/drm/radeon/radeon_device.c @@ -1253,7 +1253,7 @@ static bool radeon_switcheroo_can_switch(struct pci_dev *pdev) @@ -54128,7 +54028,7 @@ index 29ae58e..305baa0 100644 case WLAN_CIPHER_SUITE_TKIP: iwl_mvm_tkip_sc_to_seq(&sc->tkip.tsc, &seq); diff --git a/drivers/net/wireless/iwlwifi/mvm/tx.c b/drivers/net/wireless/iwlwifi/mvm/tx.c -index c652a66..1f75da8 100644 +index 6743edf..22a86c5 100644 --- a/drivers/net/wireless/iwlwifi/mvm/tx.c +++ b/drivers/net/wireless/iwlwifi/mvm/tx.c @@ -284,7 +284,7 @@ static void iwl_mvm_set_tx_cmd_crypto(struct iwl_mvm *mvm, @@ -84903,10 +84803,10 @@ index eff6319..d8a12987 100644 if (res < 0) { free_page((unsigned long) buf); diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c -index b29036a..dcce79c 100644 +index 05ac9a9..c60faca 100644 --- a/fs/overlayfs/inode.c +++ b/fs/overlayfs/inode.c -@@ -356,6 +356,9 @@ struct inode *ovl_d_select_inode(struct dentry *dentry, unsigned file_flags) +@@ -358,6 +358,9 @@ struct inode *ovl_d_select_inode(struct dentry *dentry, unsigned file_flags) if (d_is_dir(dentry)) return d_backing_inode(dentry); @@ -84917,10 +84817,10 @@ index b29036a..dcce79c 100644 if (ovl_open_need_copy_up(file_flags, type, realpath.dentry)) { err = ovl_want_write(dentry); diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c -index f42c940..e5ae48a 100644 +index 000b2ed..0be081d 100644 --- a/fs/overlayfs/super.c +++ b/fs/overlayfs/super.c -@@ -173,7 +173,7 @@ void ovl_path_lower(struct dentry *dentry, struct path *path) +@@ -175,7 +175,7 @@ void ovl_path_lower(struct dentry *dentry, struct path *path) { struct ovl_entry *oe = dentry->d_fsdata; @@ -84929,7 +84829,7 @@ index f42c940..e5ae48a 100644 } int ovl_want_write(struct dentry *dentry) -@@ -881,8 +881,8 @@ static unsigned int ovl_split_lowerdirs(char *str) +@@ -884,8 +884,8 @@ static unsigned int ovl_split_lowerdirs(char *str) static int ovl_fill_super(struct super_block *sb, void *data, int silent) { @@ -87858,10 +87758,10 @@ index 8d974c4..b82f6ec 100644 { if (UFS_SB(sbp)->s_bytesex == BYTESEX_LE) diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c -index 5031170..472208c 100644 +index 66cdb44..2eb05e1 100644 --- a/fs/userfaultfd.c +++ b/fs/userfaultfd.c -@@ -426,7 +426,7 @@ static int userfaultfd_release(struct inode *inode, struct file *file) +@@ -432,7 +432,7 @@ static int userfaultfd_release(struct inode *inode, struct file *file) struct userfaultfd_wake_range range = { .len = 0, }; unsigned long new_flags; @@ -100351,22 +100251,6 @@ index 576e463..28fd926 100644 extern void __register_binfmt(struct linux_binfmt *fmt, int insert); -diff --git a/include/linux/bio.h b/include/linux/bio.h -index 79cfaee..fbe47bc 100644 ---- a/include/linux/bio.h -+++ b/include/linux/bio.h -@@ -320,11 +320,6 @@ static inline void bio_get_last_bvec(struct bio *bio, struct bio_vec *bv) - struct bvec_iter iter = bio->bi_iter; - int idx; - -- if (!bio_flagged(bio, BIO_CLONED)) { -- *bv = bio->bi_io_vec[bio->bi_vcnt - 1]; -- return; -- } -- - if (unlikely(!bio_multiple_segments(bio))) { - *bv = bio_iovec(bio); - return; diff --git a/include/linux/bitmap.h b/include/linux/bitmap.h index 9653fdb..b3d3a17 100644 --- a/include/linux/bitmap.h @@ -126560,6 +126444,19 @@ index 9da3287..87089a6 100644 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0); kfree_skb(skb); +diff --git a/net/ipv6/xfrm6_mode_transport.c b/net/ipv6/xfrm6_mode_transport.c +index 4e34410..232827a 100644 +--- a/net/ipv6/xfrm6_mode_transport.c ++++ b/net/ipv6/xfrm6_mode_transport.c +@@ -19,7 +19,7 @@ + * The IP header and mutable extension headers will be moved forward to make + * space for the encapsulation header. + */ +-static int xfrm6_transport_output(struct xfrm_state *x, struct sk_buff *skb) ++static int __intentional_overflow(0) xfrm6_transport_output(struct xfrm_state *x, struct sk_buff *skb) + { + struct ipv6hdr *iph; + u8 *prevhdr; diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c index c074771..45ded9b 100644 --- a/net/ipv6/xfrm6_policy.c @@ -126940,7 +126837,7 @@ index 7961e7d..eea148f 100644 (u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24), (u8)(pn >> 16), (u8)(pn >> 8), (u8)pn); diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h -index 5322b4c..ed9ecbe 100644 +index 6837a46..f8aaf7d 100644 --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h @@ -30,6 +30,7 @@ @@ -130211,10 +130108,10 @@ index dc9c792..3089de0 100644 + .process_negotiate = vmci_transport_notify_pkt_process_negotiate, }; diff --git a/net/wireless/wext-core.c b/net/wireless/wext-core.c -index c8717c1..08539f5 100644 +index b50ee5d..ccf70ab 100644 --- a/net/wireless/wext-core.c +++ b/net/wireless/wext-core.c -@@ -748,8 +748,7 @@ static int ioctl_standard_iw_point(struct iw_point *iwp, unsigned int cmd, +@@ -778,8 +778,7 @@ static int ioctl_standard_iw_point(struct iw_point *iwp, unsigned int cmd, */ /* Support for very large requests */ @@ -130224,7 +130121,7 @@ index c8717c1..08539f5 100644 /* Allow userspace to GET more than max so * we can support any size GET requests. * There is still a limit : -ENOMEM. -@@ -788,22 +787,6 @@ static int ioctl_standard_iw_point(struct iw_point *iwp, unsigned int cmd, +@@ -818,22 +817,6 @@ static int ioctl_standard_iw_point(struct iw_point *iwp, unsigned int cmd, } } @@ -180450,7 +180347,7 @@ index 0a578fe..b81f62d 100644 }) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c -index 484079e..70365d0 100644 +index 7338e30..5adab9c 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -90,12 +90,17 @@ LIST_HEAD(vm_list); @@ -180502,7 +180399,7 @@ index 484079e..70365d0 100644 } EXPORT_SYMBOL_GPL(kvm_clear_guest_page); -@@ -2233,7 +2246,7 @@ static int kvm_vcpu_release(struct inode *inode, struct file *filp) +@@ -2236,7 +2249,7 @@ static int kvm_vcpu_release(struct inode *inode, struct file *filp) return 0; } @@ -180511,7 +180408,7 @@ index 484079e..70365d0 100644 .release = kvm_vcpu_release, .unlocked_ioctl = kvm_vcpu_ioctl, #ifdef CONFIG_KVM_COMPAT -@@ -2949,7 +2962,7 @@ out: +@@ -2952,7 +2965,7 @@ out: } #endif @@ -180520,7 +180417,7 @@ index 484079e..70365d0 100644 .release = kvm_vm_release, .unlocked_ioctl = kvm_vm_ioctl, #ifdef CONFIG_KVM_COMPAT -@@ -3020,7 +3033,7 @@ out: +@@ -3023,7 +3036,7 @@ out: return r; } @@ -180529,7 +180426,7 @@ index 484079e..70365d0 100644 .unlocked_ioctl = kvm_dev_ioctl, .compat_ioctl = kvm_dev_ioctl, .llseek = noop_llseek, -@@ -3046,7 +3059,7 @@ static void hardware_enable_nolock(void *junk) +@@ -3049,7 +3062,7 @@ static void hardware_enable_nolock(void *junk) if (r) { cpumask_clear_cpu(cpu, cpus_hardware_enabled); @@ -180538,7 +180435,7 @@ index 484079e..70365d0 100644 pr_info("kvm: enabling virtualization on CPU%d failed\n", cpu); } } -@@ -3101,10 +3114,10 @@ static int hardware_enable_all(void) +@@ -3104,10 +3117,10 @@ static int hardware_enable_all(void) kvm_usage_count++; if (kvm_usage_count == 1) { @@ -180551,7 +180448,7 @@ index 484079e..70365d0 100644 hardware_disable_all_nolock(); r = -EBUSY; } -@@ -3568,7 +3581,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3571,7 +3584,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, if (!vcpu_align) vcpu_align = __alignof__(struct kvm_vcpu); kvm_vcpu_cache = kmem_cache_create("kvm_vcpu", vcpu_size, vcpu_align, @@ -180560,7 +180457,7 @@ index 484079e..70365d0 100644 if (!kvm_vcpu_cache) { r = -ENOMEM; goto out_free_3; -@@ -3578,9 +3591,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3581,9 +3594,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, if (r) goto out_free; @@ -180572,7 +180469,7 @@ index 484079e..70365d0 100644 r = misc_register(&kvm_dev); if (r) { -@@ -3590,9 +3605,6 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3593,9 +3608,6 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, register_syscore_ops(&kvm_syscore_ops); diff --git a/4.4.5/4425_grsec_remove_EI_PAX.patch b/4.4.6/4425_grsec_remove_EI_PAX.patch index 2a1aa6c..2a1aa6c 100644 --- a/4.4.5/4425_grsec_remove_EI_PAX.patch +++ b/4.4.6/4425_grsec_remove_EI_PAX.patch diff --git a/4.4.5/4427_force_XATTR_PAX_tmpfs.patch b/4.4.6/4427_force_XATTR_PAX_tmpfs.patch index f6aea64..f6aea64 100644 --- a/4.4.5/4427_force_XATTR_PAX_tmpfs.patch +++ b/4.4.6/4427_force_XATTR_PAX_tmpfs.patch diff --git a/4.4.5/4430_grsec-remove-localversion-grsec.patch b/4.4.6/4430_grsec-remove-localversion-grsec.patch index 31cf878..31cf878 100644 --- a/4.4.5/4430_grsec-remove-localversion-grsec.patch +++ b/4.4.6/4430_grsec-remove-localversion-grsec.patch diff --git a/4.4.5/4435_grsec-mute-warnings.patch b/4.4.6/4435_grsec-mute-warnings.patch index b7564e4..b7564e4 100644 --- a/4.4.5/4435_grsec-mute-warnings.patch +++ b/4.4.6/4435_grsec-mute-warnings.patch diff --git a/4.4.5/4440_grsec-remove-protected-paths.patch b/4.4.6/4440_grsec-remove-protected-paths.patch index 741546d..741546d 100644 --- a/4.4.5/4440_grsec-remove-protected-paths.patch +++ b/4.4.6/4440_grsec-remove-protected-paths.patch diff --git a/4.4.5/4450_grsec-kconfig-default-gids.patch b/4.4.6/4450_grsec-kconfig-default-gids.patch index 77f9706..79a866b 100644 --- a/4.4.5/4450_grsec-kconfig-default-gids.patch +++ b/4.4.6/4450_grsec-kconfig-default-gids.patch @@ -16,7 +16,7 @@ from shooting themselves in the foot. diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig --- a/grsecurity/Kconfig 2012-10-13 09:51:35.000000000 -0400 +++ b/grsecurity/Kconfig 2012-10-13 09:52:32.000000000 -0400 -@@ -697,7 +697,7 @@ +@@ -699,7 +699,7 @@ config GRKERNSEC_AUDIT_GID int "GID for auditing" depends on GRKERNSEC_AUDIT_GROUP @@ -25,7 +25,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig config GRKERNSEC_EXECLOG bool "Exec logging" -@@ -946,7 +946,7 @@ +@@ -948,7 +948,7 @@ config GRKERNSEC_TPE_UNTRUSTED_GID int "GID for TPE-untrusted users" depends on GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT @@ -34,7 +34,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig help Setting this GID determines what group TPE restrictions will be *enabled* for. If the sysctl option is enabled, a sysctl option -@@ -955,7 +955,7 @@ +@@ -957,7 +957,7 @@ config GRKERNSEC_TPE_TRUSTED_GID int "GID for TPE-trusted users" depends on GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT @@ -43,7 +43,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig help Setting this GID determines what group TPE restrictions will be *disabled* for. If the sysctl option is enabled, a sysctl option -@@ -1040,7 +1040,7 @@ +@@ -1042,7 +1042,7 @@ config GRKERNSEC_SOCKET_ALL_GID int "GID to deny all sockets for" depends on GRKERNSEC_SOCKET_ALL @@ -52,7 +52,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig help Here you can choose the GID to disable socket access for. Remember to add the users you want socket access disabled for to the GID -@@ -1061,7 +1061,7 @@ +@@ -1063,7 +1063,7 @@ config GRKERNSEC_SOCKET_CLIENT_GID int "GID to deny client sockets for" depends on GRKERNSEC_SOCKET_CLIENT @@ -61,7 +61,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig help Here you can choose the GID to disable client socket access for. Remember to add the users you want client socket access disabled for to -@@ -1079,7 +1079,7 @@ +@@ -1081,7 +1081,7 @@ config GRKERNSEC_SOCKET_SERVER_GID int "GID to deny server sockets for" depends on GRKERNSEC_SOCKET_SERVER diff --git a/4.4.5/4465_selinux-avc_audit-log-curr_ip.patch b/4.4.6/4465_selinux-avc_audit-log-curr_ip.patch index f1c4923..7248385 100644 --- a/4.4.5/4465_selinux-avc_audit-log-curr_ip.patch +++ b/4.4.6/4465_selinux-avc_audit-log-curr_ip.patch @@ -28,7 +28,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@gnu.org> diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig --- a/grsecurity/Kconfig 2011-04-17 19:25:54.000000000 -0400 +++ b/grsecurity/Kconfig 2011-04-17 19:32:53.000000000 -0400 -@@ -1174,6 +1174,27 @@ +@@ -1176,6 +1176,27 @@ menu "Logging Options" depends on GRKERNSEC diff --git a/4.4.5/4470_disable-compat_vdso.patch b/4.4.6/4470_disable-compat_vdso.patch index 281aad9..281aad9 100644 --- a/4.4.5/4470_disable-compat_vdso.patch +++ b/4.4.6/4470_disable-compat_vdso.patch diff --git a/4.4.5/4475_emutramp_default_on.patch b/4.4.6/4475_emutramp_default_on.patch index afd6019..afd6019 100644 --- a/4.4.5/4475_emutramp_default_on.patch +++ b/4.4.6/4475_emutramp_default_on.patch |